package com.springsecurity.springsecuritydemo.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * @author wangning
 * @create 2021-03-28 10:58
 */
@Controller
public class LoginController {

	@RequestMapping("/login")
//	@ResponseBody
	public String login() {
		System.out.println("执行登录方法");

		return "redirect:login.html";
	}

	@PostMapping("/toMain")
//	@Secured("ROLE_abc")
//	@PreAuthorize()表达式允许ROLE_开头，也可以不以ROLE_开头，但是配置类不允许ROLE_开头
	@PreAuthorize("hasRole('abc')")
	public String toMain() {
		System.out.println("执行main页面");
		return "redirect:main.html";
	}

	@PostMapping("/toError")
	public String toError() {
		System.out.println("执行main页面");
		return "redirect:error.html";
	}

	@RequestMapping("/demo")
	public String toString() {

		return "demo";
	}

	@RequestMapping("/showLogin")
	public String showLogin() {
		return "login";
	}


}
